To protect its users against SIM hackers, Instagram is building a new 2-factor authentication system that doesn’t rely on SMS.
The traditional 2-factor authentication method that relies on an SMS to a phone number isn’t safe from hacking. According to recent reports, hackers can steal your Instagram account by porting your phone number onto a different SIM card and simply requesting to change your password; all this, without you ever knowing. Hackers then sell your Instagram (or other accounts for Bitcoin).
To thwart them, Instagram is now building a non-SMS 2-factor authentication system that works with security apps like Google Authenticator or Duo. The apps generate codes that can’t be generated on a different device with a ported SIM.
Social media tipster Jane Manchun Wong spotted the feature buried in the Instagram Android app’s APK, and following a report by TechCrunch and other news outlets, the feature has been confirmed by Instagram. A spokesperson confirmed, “we’re continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication.”
Strangely enough, Instagram didn’t actually have two-factor authentication until 2016. While SMS 2FA worked or a while, SIM porting has become a much more common and serious problem. This article can help you protect your phone number from porting.
You might also like
More from Instagram
Facebook and Instagram have introduced cross-app messaging, letting users from one app find and message you on the other.
Instagram has announced new measures against bad behavior on its platform, including removing accounts that send abusive DMs.
Username hacking consists of stealing rare and coveted usernames on platforms like Instagram, and then sell them for a profit.
Instagram has rolled out a new Content Publishing API that will support scheduling and publishing single photo or video posts.
The Instagram Professional Dashboard is a single destination to help track your performance and access professional tools.